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PREFACE 

The   Institute   for  Computer  Sciences  and  Technology  of  the  National 
Bureau  of  Standards    (NBS)    is   developing  a  basis   to  begin   standardization 
of  the   user  protocols  for  network  access   to  computerized  information 
systems.      With  support  of  the  National   Science  Foundation' s  Office  of 
Science  Information  Service,    a  proposal   has  been   completed  for  a 
standard  interactive  protocol    to   initiate  and   terminate  access   to   any 
computer-based   service.      This  protocol   divides   the  access  procedure   into 
a   sequence  of  specific  functional    steps,    e.g.    user  identification  , 
authorization ,    etc. ,   and  defines   the  occurrence  and  purpose  of  user 
input  messages  and   system  output  messages. 

An   initial    NBS   draft   of   this   proposed  protocol    was   reviewed  and 
revised  during  a   workshop  held  at   NBS  in  October  1974.      The  workshop 
participants  were   selected  authorities   representing  library  and  informa- 
tion service   users,    software  and  service  producers,    and  Federal   agencies 
supporting  major  services . 

Workshop  results   were  summarized  in   this  report,    and  a  draft   copy 
was  circulated   to  all   workshop  participants  and  a   few  other  interested 
parties,    with  requests   for  comments.      Most   of  the  comments  received  were 
incorporated  in   this  paper.      All    comments   will   be   utilized,  in   further 
standardization   work.      This   report   documents  results  as  of  March  1975. 

Protocol    standardization  could  proceed   from  this  basis  by  refining 
the  detailed  requirements   for  an   intended   user  group    (e.g.    Federal 
Government  agencies) ,    and  subsequently  delineating  the  needed  codes, 
formats,    and  options. 
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A   BASIS  FOR   STANDARDIZATION  OF  USER-TERMINAL 
PROTOCOLS  FOR   COMPUTER  NETWORK  ACCESS 


J.    Neumann 


A  user-terminal  protocol   is  defined  which  enables  a   user 
at  a  terminal   to  access  computerized  information  systems.      The 
basic  functions  such  as  identification,   authorization,   and 
validation  are  outlined  and  various  signals  and  messages  mak- 
ing up  the  protocol  are  identified.      The  purpose  of  the  paper 
is  to  establish  a  basis  for  standardization  and  development  of 
a   unified  user  protocol. 

Key  Words:      Command  languages ,   computers,  man-machine  systems, 
networks,    system  commands,    user  protocols. 


1.       PURPOSE  AND  SCOPE 

This  report  outlines  a  user  protocol,   or  access  procedure,    which 
permits  a   user  to  access  computerized  information  systems  from  a  data 
terminal.      "User-Terminal   Protocol"   or  "User  Protocol"   in   the  context  of 
this  document,   refers   to  the  interaction  between  a  user  at  a   terminal 
and  a  computer  system,   as  needed  to  initiate  or  terminate  any  interactive 
or  conversational   form  of  computer  service. 

The  scope  of  procedures  defined  here  is  directed  at,   but  not  neces- 
sarily restricted  to,    the  interactive   use  of  unbuffered  keyboard/display 
terminal   devices,    i.e.    devices  in  which  depression  of  a  key  normally  re- 
sults in  immediate  transmission  of  a   single  character ,   communicating  by 
means  of  the  ASCII  code,   as  defined  in  FIPS  Pub  1    (or  the  American 
Standard  Code  for  Information  Interchange,   American  Standard  X3. 4-1968) . 

This  paper  is  a  revision  and  considerable  expansion  of  a  draft 
reviewed  at  a  workshop  held  at   the  National   Bureau  of  Standards  on 
October  30-31,   1974.      The  changes  made  by  the  workshop  participants  are 
incorporated  in   this  report.       (A  list  of  participants   is  given  in 
Appendix  1.) 

The  original   draft  included  considerable  format  detail.      Since 
agreement  of  functional   requirements  must  precede  standardization  of 
format  details,    the  latter  have  been  omitted  and  the  paper  now  concen- 
trates on  functions  performed  by   the   user  and   the  system.      In   the  future, 
after  consensus  has  been  reached  on  functional   requirements  for  user 
protocols,   work  could  proceed  towards  definition  and  standardization  of 
formats,   message  structures,   display  symbology ,   and  procedural   detail. 


This  paper  is  expected   to  serve  as  a  working  proposal   and  point  of 
departure  for  standardization  of  user  protocols  for  computer-based  in- 
formation systems. 

Sections   3   through  8  are  written   in  a   format   that  can  be  converted 
easily  into  a   standard^  document,   by  omission  of  the  explanatory  notes 
which  are  appended  to  clarify  points  of  disagreement  or  the  rationale 
behind  procedural   features.      These  notes  could  be  incorporated  in  an 
appendix   to  the  standard  or  in  expository  remarks  accompanying  the 
approval   of  the  standard. 


2.       BASIC   CONCEPTS 

From  a   user's   viewpoint,   entry  to  a  computerized  information  system 
consists  of  a  series  of  user  and  system  actions.      The   user  protocol   for 
entry  begins  at  the  moment  a   user  makes  his  first  contact   with  the 
system,   by  depressing  a  key,   or  turning  a  switch,    and  is  completed  when 
he  begins  an  application   use  of  a  program,   data  base,   or  special  purpose 
information  processing  capability. 

Several   functional  phases  can  be  outlined  as  seen  from  the   user's 
viewpoint.      The   user  protocol   consists  of  an  entry  phase,    and  an  exit 
phase.      The  entry  phase  consists  of  the  following: 

Communications  connection 
Access  request 
User  identification 
Authentication 
Service  selection 

Similarly ,    the  exit  phase  includes: 

Exit  request 

Display  of  accounting  information 

Communications  disconnection 

Separation  into   these  phases  is  based  on  many  technical   and  organi- 
zational  reasons.      Communications  connection  is  usually  achieved  through 
the  public  telephone  system,   and  is  constrained  by  established  pro- 
cedures,  designed  primarily  for  voice  communication.      Access  request   is 
often  implied  by  calling  a  dedicated  telephone  number,    connecting  to  a 
reserved  port  or  computer  entry  channel.      User  identification,   authenti- 
cation and  service  selection  are  determined  by  individual   service 
organization  practices. 


The  present  degree  of  standardization  differs  for  the  various 
phases.      Communications  connection  is  comparatively  well   standardized, 
and  rather  uniform  procedures,   directories,   and  facilities  exist — world- 
wide— for  the  telephone  plant.        As  far  as  terminals  are  concerned,    there 
exists  a  profusion  of  equipments,    with  varying  capabilities.      Although 
there  are  compatible  sets  of  standard  codes  available   fl] ,    [2] ,    not   all 
manufacturers  follow  the  standard,   and  implementations  of  the  standard 
code  vary  in  subsets  of  the  standard  code.      Terminal   capability  thus 
affects  user  protocols. 

Similarly,    implementations  of  the  protocol   functions  differ,   both 
as  to  content  and  form   [3],  [4] .      Communications  procedures  are  not   con- 
sidered further  as  subjects  for  standardization  here,    except  as  they  may 
affect   the  other  functions  described. 

A  spectrum  of  possible  procedures  can  be  envisioned  to  accommodate 
the  wide  variety  of  computer  service  users.      Two  cases  are  considered  in 
this  paper:      an   interactive  procedure;    and,    a   simplified,    terse  pro- 
cedure.     The  interactive  procedure    (see  pages  5   and  6)    is  relatively 
easy  to  use,   provides  step-by-step  guidance   to  a   user,   and  leads  him  to 
the  desired  result  by  appropriate  system  responses  to   user  entries.      The 
terse  procedure    (see  page  6)    requires  less   time  at   the   terminal,   but 
taxes  the  user's  capability  and  requires  more  training. 


2.1     Impact  of  Emerging  Technology 

Some  of  the  user  protocols,    especially   those   used  in   connection 
with  computer  networks,   can  be  quite  complex  and  difficult   to  use  for 
the  casual   user.      Additional   automation  of  the   user  protocol  may  help  to 
unburden   the  user.      As  an  example,    entry  of  a  machine  readable  card  into 
a  terminal   reader  may  provide  user  identification,   possibly  a  service 
request,   and  other  data  required  to  provide  service.      Such  implementa- 
tion may  require  additional  procedural   standards,    which  though  they  are 
beyond  the  scope  of  this  discussion,    should  be  taken  into  account  in 
subsequent  standardization  or  user  protocols. 


2.2      The  User 

User  protocols  need  to  be  designed  and  standardized  for  a  wide 
variety  of  people.      Presently,    terminal   access  to  a  great  extent   is  the 
prerogative  of  computer  specialists  or  specially  trained  operators  of 
terminals  in  airline  reservation,   banking,   and  retailing  systems.      For 
interactive  information  systems,    it   is  envisioned  that  a  general    type  of 
user  who  is  not  a  computer  professional   will  have  access   to  these 
systems.      The  access  procedure  therefore,   must  be  simple,    easily  learned, 
and  easily  understood. 


2.3     The  System  and  System  Levels 

The  user  will  have  access  to  a  keyboard,  similar  to  a  typewriter 
keyboard,  and  to  a  display,  either  characters  printed  on  a  typewriter- 
like device,   or  shown  on  a  cathode  ray  screen. 

The   terminal   user  knows  little  if  anything  about   the  various  levels 
of  communications  switching ,    such  as   the  local   office,    regional   or  area 
switching  centers,   and  similarly  knows  little  about   the  computer  hard- 
ware,  and  the  various  levels  of  software  which  provide  service   to  him. 
He  finds  it   difficult   to  distinguish  between  communications  handling 
software,   operating  systems,   applications  programs,   and  data  base  manage- 
ment  systems  while  working  at   the  terminal.      Often  different  signals  or 
commands  are  required  by  different  levels  of  software ,    and  system  reac- 
tions by  these  levels  vary  for  functions  which  appear  identical   to  the 
user.      Often  no  distinction  is  made  between  these  levels  by  the   user, 
although  some  general  provisions  must  be  made  to  permit   user-controlled 
change  of  level   during  service  operation.      The  user  should  not  have   to 
consider  levels  during  the  entry  or  exit  procedure. 

"System,"   in   the  context  of  this  paper,   refers  to  all   hardware, 
software  and  procedures  supporting  the  operation  of  the  entry  keyboard 
and  the  output  display.      The   "system"   is  invisible  to  the   user,   and  the 
only  means  of  interaction  between   user  and  system  are  the  keyboard  and 
the  display. 


2.4     Security  and  Privacy 

In  the  context  of  this  document,    we  consider  providing  aids  to  the 
user  in  order   to  facilitate  his  access   to   the  system.      We  must  realize, 
however,    that  this  may  introduce   the  issue  of  security  and  privacy: 
providing  aid  to  the   user  may  also  facilitate  illegal   entry  to   the 
system. 

In  a  large  number  of  systems  such  as  automated  library  systems, 
these  issues  play  a  minor  role.      In  many  data  or  information  systems, 
security  and  privacy  requirements  play  a  major  role,   and  standardization 
of  user  protocols   for  these  systems  must   take  them  into  account.      In 
addition,    current  development  in  hardware,    software  and  procedures  in 
connection  with  data  protection  and  privacy  will   affect   user  protocols, 
and  must  be  considered  in  standardization. 


3.      MINIMUM  USER   PROTOCOLS 

Minimum  protocols  are  defined  to  be  the  entry  procedure  and  the 
exit  procedure.      These   two  procedures  are  outlined  in   tables  1,   2,   and  3, 
and  are  explained  further  below.      Note  that   the  heavy  outlined  boxes  in 
these  tables  describe   those  protocols  which  are  candidates  for  standardi- 
zation.     Related  procedures  shown  outside  of  these  boxes,   need  to  be 
recognized,   but  are  not  considered  for  standardization   themselves  at 
this  time. 


COMMUNICATIONS  CONNECTION  VERIFICATION    (Not  part   of  entry 
procedure) 

USER  ACCESS  REQUEST    (Not  part  of  entry  procedure) 

User  sends  access  request 


SYSTEM  ACKNOWLEDGEMENT 

System  receives  access  request    (5.1)* 

System  sends  system  identification  message    (5.2) 

System  sends  identification  request    (5.3) 

USER   IDENTIFICATION 

User  receives  identification  request    (5.3) 
User  sends  identification  message    (5.4) 

VALIDATION    (5.5) 

USER  AUTHENTICATION    (Optional) 

System  requests  authentication  message    (Password) 
(5.6) 

User  receives  authentication    (Password)    request 

User  sends  authentication  message    (Password)    (5.7) 

SYSTEM  SENDS  AUTHORIZATION  MESSAGE    (5.8) 

SYSTEM  SENDS  OPERATIONAL   STATUS  MESSAGE    (Optional)     (5.9) 

USER  SERVICE  SELECTION    (May  be   implicit)     (5.10) 


SERVICE  OPERATION    (Not  part  of  entry  procedure) 


*  Reference  numbers  point   to  message  detail   in  section  5. 

Table  1.      Entry  Procedure 


USER  OPERATES  SYSTEM,   decides  to  Stop    (Not  part  of  exit 
procedure) 

User  sends  exit  request    (not  part  of  exit  procedure) 

EXIT  REQUEST 

System  receives  exit  request 
System  processes  accounting  data 
System  sends  accounting  message   (5.15) 
System  sends  end  message   (5.16) 

COMMUNICATIONS  DISCONNECTION   (Not  part  of  exit  procedure) 

Table  2.      Exit  Procedure 


Hardware  Connection  Verification 

User  sends  access  request    (Not  part  of  entry  procedure) 


SYSTEM  ACKNOWLEDGEMENT 

System  receives  access  request    (5.1) 

System  sends  system  identification  message   (implying  user 
identification  and  password  as  next  user  steps)    (5.2) 

USER  ENTRY 

User  sends:   User  Identification,   Password,  Service 
Selection  Message    (5.4-,    5.7,   5.10) 

System  sends  operational  status  message   (implying 
authorization    (5.9) 


Service  operation    (Not  part  of  entry  procedure) 


Table  3.     Abbreviated   (terse)   Entry  Procedure 


4.       USER  AND  SYSTEM  COMMANDS 

The  following  control   signals  and  commands    (this  section)    and 
messages    (Section   5)    form  the  detailed  access  procedures  outlined  in 
tables  1,   2,   and  3. 


4.1      Special   Control   Signals 

Two  types  of  unique  messages  occur  frequently  in  access  procedures 
and  receive  special   attention:    the  user  signal   and   the  system  signal.    [5] 

Each  user  message  is  ended  with  a  user  signal. 
Each  system  message  is  followed  by  a   system  signal. 


4.1.1      User  Signal.      This  signal   is  generated  by   the   terminal    user; 
it  indicates  that  an  immediate  task  of  data  or  command  entry  has  been 
completed,   and  that  the  user  is  waiting  for  system  action. 

Code*:  CARRIAGE  RETURN      or      NEW  LINE** 


4.1.2     System  Signal.      This   signal    is   generated  by  a   computer,   or 
a  processor  and  indicates   to  the  terminal    user  that   the   immediate 
processing  task  is  completed ,   and  that   the  next  action   is   up  to   the  user. 

Code:  CARRIAGE  RETURN      or      LINE  FEED      and      COLON** 

Note:      In   an  instructional,   or  verbose  mode,   an   additional    request 
to   the   user  may  be  desirable   such  as:      "USER:",    "READY:", 
"TYPE",      etc. 

4.2     Restart 

This  signal   is  used  by  the   user  to  reinitiate   the  entry  procedure, 
for  any  reason. 

Code:  BELL         (BEL) 

Note:     Restarting  or  interrupting  a  specific  operation  once  initia- 
ted is  now  regularly  done  by   the  BREAK  signal,    which  however 
is  not  provided  for  in   the  ASCII  code.      This   is  an   important 
and  often   used  function,   and  further  investigation   is  needed. 
A  special    "restart"  key  may  need   to  be  recommended   to  key- 
board designers  and  standardizing  agencies. 


*  Code  refers  to  the  ASCII  Character  Code  Designations. 
**  Implementation  depends  on   terminal  capabilities  and  communication 
modes.      Several   different  options  need  to  be  determined. 
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4.3     Literal 

This  signal,  when  preceding  control  characters  or  control  signals 
eliminates  the  control  significance ,  and  causes  the  character  following 
the  literal  prefix  to  lose  its  special   significance. 

Code:  SUBSTITUTE    (SUB)  Also:    CONTROL-Z 

Note:      A  literal  convention   is  also  needed  for  character  strings. 

The  double  quotation  mark  has  been  recommended  for   this  use. 


4.4     Word  Separator 

This  signal   is   used  to  separate  command  words  or  data  elements  in 
the  abbreviated  access  procedure. 

Code:  COMMA 

Note:      A  strong  case  can  be  made   to   use   the  space  character  as  a 
separation  device.      It  is   in  almost   universal    use  now  in 
interactive  systems.      One  difficulty  with  this  is   that  it 
cannot  be  seen;    this  difficulty  is  reduced  if  the  input 
device  has  a  reasonably  good  type-position  indication. 
Further  discussion   is  needed  to  resolve  this. 


4.5     Delete  Commands 

These  commands  are  used  by   the   user  to  delete  portions  of  the 
access  procedure  messages. 


4.5.1     Delete  Last  Character  Entered    (Delete  Character) .      This 
command  deletes   the  last  character  entered  by   the  user,    and  frees  the 
character  position  for  a  new  character  entry.      In  the  case  of  a  literal, 
it   deletes  both  the  character  and  the  literal   prefix. 

Code:  DELETE      (DEL) 


4.5.2     Delete.      This  command  deletes  all   characters  entered  by 
the   user  on   the  current  line. 

Code:      CANCEL    (CAN)  Also:    CONTROL-X 


5.  USER  AND  SYSTEM  MESSAGES 

The  following  standard  messages  are  part  of  the  access  procedures 
outlined  in  tables  1,   2,  and  3. 


5.1     User  Access  Request    (Not  part  of  entry  procedure) 

This  is  implied  by  a  user  calling  a  computer  access  number  and 
receiving  a  communications  signal   indicating  establishment  of  terminal- 
computer  communications. 

Note:     In  addition,   as  a  result  of  the  access  request,   certain  user 
specified  format  conventions  must  be  established,   and  termi- 
nal attributes  must  be  recognized  by  the  processor ,  before 
communications  between   the  user  at   the  terminal   and  the 
system  can  be  effected.      This  may  be  done  by  automatic 
interrogation  of  the  terminal,  or  by  entry  of  format  codes 
and  terminal  attribute  codes  by  the  user. 

There  are  many  other  variants  of  generating  a  user  access  request, 
depending  on  hardware  and  software  factors.      The  system  should  acknowledge 
completion  of  the  communications  connection  process,   which  is  done  by  the 
system  identification  message.      This  message  from  the  system  to  the  user 
is  the  first  message  of  the  access  procedure,  and  serves  as  a  system 
acknowl edgemen t . 


5.2     System  Identification  Message 

Upon  receipt  of  the  access  request,   the  system  sends  a  message  to 
the  terminal  which  indicates  the  operability  of  the  system,   and  which 
furnishes  some  basic  system  identification  to  the  user.      The  message 
contains  the  following  data  elements: 

Administrative  Code    (Optional) 

Date   (Optional) 

Port  Connection    (Optional) 

System  Name 

Time   (Optional) 

Note:     There  is  agreement  on  system  name  as  the  basic  ingredient 
of  this  message.      Other  elements  listed  are  optional,  and 
may  be  omitted  in  the  interest  of  brevity.      The  port  con- 
nection may  be  useful   in  tracing  of  communications  errors. 
It  may  be  expressed  in  the  form  of  a  telephone  number  or  a 
port  number. 


5.3     Identification  Request 

Immediately  following  the  system  identification  message,    the  system 
sends  the  identification  request   to  the   user.      The  message  has  one  of  the 
following  forms: 

"PLEASE  ENTER   USER   IDENTIFICATION"    * 

"PLEASE  ENTER   USER   ID" 

"PLEASE  ENTER   ID" 

"ID" 

Note:  There  are  divergent  opinions  on  the  desirability  of  the 
various  forms  shown  above.  The  first  long  form,  normal 
language,  is  the  most  understandable.  The  last  form  is 
highly  abbreviated  and  would  require  a  more  experienced 
user.  Some  options  should  probably  be  allowed  to  provide 
for  the  explicit  and  abbreviated  forms.  Each  identification 
request  is  followed  by  a   system     signal. 

5.4     Identification  Message 

This  message  is  sent  by  the   user  in  response  to   the  identification 
request    (section   5.3).      It  consists  of  a   string  of  characters  generated 
at   the  keyboard  which  serves  to  identify   the   user,   primarily  for  account- 
ing and  billing  purposes. 

Note:      The  length  of  the   string  will    usually  be  limited,    but   within 
the  restricted  length,   any  ID  code  will   be  acceptable. 
Fields  of  the   user  identification  code  may  be   subdivided  in 
subfields  reserved  for  user  name,    user  number,   organizational 
unit  code,   etc.      These  data  are   used  for  administrative , 
statistical   and  billing  purposes. 


5.5      Validation 

The  system  receives  and  analyzes   the   user  identification  for  accept- 
ability.     If  acceptable,    the  access  procedure  continues  to   the  password 
request    (section   5.6).      If  unacceptable,    the  access  procedure  provides  an 
error  message    (sections  5 .11  and   5.13). 


*  Messages  or  message  elements     enclosed  in  quotation  marks  are   to  be  dis- 
played literally  as  shown.      Data   element  names  are   shown  in  lower  case. 
Implementation  of  a  displayed  message  is  dependent  on  availability  of 
upper  and  lower  case  characters,   and  is  not  considered  for  standardiza- 
tion at   this  time. 
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5.6     Password  Request 

A  password  is  the  most  common  form  used  for  authentication  by  the 
system.     A  password  is  assigned  to  an  individual  authorized  user  by 
administrative  procedure.      It  is  the  final  key  to  entry  into  the  system. 
The  password  is  protected  against  misuse  by  overprinting,    underprinting 
or  non  printing  to  prevent  a  reader  of  hard  copy,   or  an  observer  of  a 
visual   screen  from  unauthorized  knowledge  emd  possible  misuse  of  a  pass- 
word.     After  validation,    the  system  sends  a  password  request   to  the  user 
terminal  as  follows: 

"PLEASE  ENTER  PASSWORD"   or 

"PASSWORD"    or 

"PW" 


5.7     Password  Message 

The  user  enters  the  password,   which  consists  of  a  string  of  key- 
board enterable  characters,   i.e.    any  ASCII  characters  including  blank 
characters,    control   characters  and  user  signals  if  preceded  by  the 
literal  prefix. 


5.8     Authorization 

The  system  receives  and  analyzes  the  password  for  acceptability. 
If  acceptable,    the  access  procedure  continues  to  the  operational   status 
message    (section  5.9),   receipt  of  which  by   the  user  implies   to  him  that 
he  now  is  authorized  to  proceed  with  service  selection.      If  the  password 
is  not  accepted ,    the  access  procedure  provides  an   error  message    (section 
5.12) . 


5.9     Operational   Status  Message 

Password  acceptance  is  immediately  followed  by  the  operational 
status  message  which  furnishes   the  latest   information  on  the  operating 
status  of  the  system.      This  will   be  in  clear  text  and  may  contain  such 
items  as:     planned  system  down   time,    special   scheduled  operating  hours, 
unavailability  of  some  system  components,   and  a   telephone  number  for 
user  assistance. 


5.10     User  Service  Selection 

After  receipt  of  the  status  message,    the  user  is  free  to  select 
the  service  by   the  method  unique  to  the  particular  service  being  accessed. 
This  procedure  is  outside  of  the  access  procedure  considered  in   this 
document. 
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5.11     User  Identification  Error 

If  an  error  is  made  or  time  out  elapses  during  the  user  identifica- 
tion entry,   the  system  will  allow  two  additional  attempts  to  enter  an 
acceptable  user  identification ,   through  the  following  message: 

"INVALID  USER  ID,    PLEASE  REENTER  ID" 


5.12     User  Password  Error 

If  an  error  is  made  in  password  entry,   the  system  will  allow  two 
additional  attempts  to  enter  an  acceptable  password,   through  the  follow- 
ing message: 

"INVALID  PASSWORD,    PLEASE  REENTER  PASSWORD" 


5.13     Entry  Error  Shutdown  Message 

Upon  receipt  of  the  third  entry  or  after  three  minutes  of  inaction, 
either  during  user  identification,  or  password  entry,   the  system  denies 
service,  and  sends  the  following  message  to  the  user: 

"INVALID  ENTRY,   PLEASE  CALL   YOUR  SYSTEM  REPRESENTATIVE 
FOR  HELP" 

or 

"INVALID  ENTRY,   PLEASE  CALL   (nnn)    nnn-nnnn" 

where  the  string  of  "n"  characters  denotes  the  service  telephone  number. 

Note:     In  most  systems  today,   the  third  invalid  entry  causes 
automatic  disconnect. 

5.14     Exit  Request    (Not  part  of  access  procedure) 

This  message  indicates  to  the  system  that  the  user  desires  to 
terminate  the  session. 

Note:     The  exit  request  message  is  unique  to  the  particular  serv- 
ice system  used  and  varies  among  systems.     At  this  time,   it 
is  not  considered  part  of  the  access  procedure. 
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5.15     Accounting  Message 

Upon  receipt   of  the   exit   request,    the   system  provides   the  account- 
ing message  to   the   user.      It  contains   the   following  data   elements : 

DATE 

TIME   SESSION  STARTED 

TIME   SESSION  ENDED 

ELAPSED   CLOCK   TIME 

SYSTEM  NAME 

ADMINISTRATIVE  CODE 

In  addition ,   a  brief  statement   will   be   furnished  which   will    inform 
the  user  of  units  of  resources   expended  in   the   session,    from  system 
entry   to  system  exit.      This  may  be   in   terms  of  dollars  and   cents, 
resource   units,    connect   time,    etc. 

Note:      There  is  some   agreement   on   the  need   for   the   six   data   ele- 
ments  listed  above.      Systems   use  different   charging  algorithms , 
and   therefore ,    report   usage   differently.      Some   system  repre- 
sentatives feel    that   it   is  not   necessary   to   report    this   item. 
Some  agreement   on   usage   units  and  need   for   reporting  will   be 
needed  before   this   can   be   standardized. 


5.16     End  Message 

End  of  the  session   is   indicated  by   the   system  displaying  the 
message: 

"END" 

Note:      This  is  usually  appended   to   the   accounting  message. 

5.17     System  Termination 

If  it   should  become  necessary   to   terminate   the   session   from   the 
system  side,   the  user  will   be   informed  as   follows: 

"SYSTEM   TERMINATION" 
DATE 
TIME 

SYSTEM      NAME 
CAUSE  OF   TERMINATION 
. "END" 
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5.18     Irregular  User  Termination 

A  user  may  purposely  or  inadvertently  make  a  communications  discon- 
nection   (see   table  2.)      while  operating  the  system.      When   the  system 
detects  this  event,    it  will   close  the  interactive  session.     Upon  reentry 
the  user  will   receive  the  following  message: 

"IRREGULAR   TERMINATION" 

DATE,    TIME,   SYSTEM  NAME  and   "END"   will   be  shown  as   in   5.17  above. 

Note:   .  The  system  should  be  designed  to  facilitate  recovery  and  to 

permit   user  to  continue  work  from  the  state  at  which   termination 
occurred. 
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6.      DATA   ELEMENTS 

Data  elements ,   which  are  the  components  of  user  and  system  messages, 
are  listed  in  this  section. 

Note:      Details  of  format  are  dependent  on  terminal   hardware 
characteristics ,   software  implementation  and  codes  of 
existing  systems,   and  other  factors.      At   this  time,    it 
is  important   to  determine  format  standards.      Data   ele- 
ments appearing  in  the  previous  section  are  listed,   and 
some  of  the  constraints  are  noted. 


6.1      User  Identification 

User  identification  is  required  for  system  access  control,   account- 
ing and  statistical   purposes. 

Several   format  options  exist,    such  as  fixed  length  or  variable 
length  fields.      In  variable  length  codes,   a  maximum  field  size  may  need 
to  be  specified.      All   alphanumeric  characters  appearing  on  the  keyboard 
should  be  permitted  in  user  identification.      It  may  be  desirable  to 
allow  subfields  for  user  name,    user  number,   organization  code,   or  other 
administrative  classifications . 


6.2     Password 

The  password  is  required  for  system  access,   for  authentication  of 
user  access.      It  should  be  protected  from  unauthorized  use  by  under- 
printing,   overprinting,    or  by  non-printing  or  nondisplaying . 


6.3     System  Name 

A  system  name  is  an  optional   feature  of  the  system  identification 
message.      This  would  be  a  designation  coined  by  the  system  owner.      It 
should  uniquely  identify  the  system  to  be  accessed. 

Note:      Standardization  of  this  item  would  be  concerned  with  format, 
and  appropriateness  of  acronyms  or  abbreviations .      In  case 
of  duplication  or  similarity  of  system  names,   some  coordi- 
nating procedures  and  ground  rules  would  have  to  be 
established. 

6.4     Administrative  Code' 

This  code  permits  identification  of  an  organization  entity,   such 
as   a  department,   a  section,   or  a  division  of  an  organization.      It  is 
used  for  billing,   bookkeeping,   or  other  statistical   purposes. 
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6.5     Calendar  Date 

An  all  numeric  date  should  be  written  in   the  following  order: 

year-month-day 

nnnn-nn-nn 

where  "n"   designates  Arabic  numerals. 

A  hyphen   should  be   used  as  a   separator. 

The  year  should  be  represented  by  four  digits  to  clearly  indicate 
the  descending  order.      A  two-digit  representation  for  the  year  is 
optional   when  no  confusion  can  arise  from  the  omission  of  the  century 
(see  ISO  R2014) . 

Note:      Calendar  date  has  been  subject   to  National ,   Federal   and 
International   standardization.      ISO  Recommendation  R2014 
deals  with  writing  of  calendar  date  in  all  numeric  form. 
ANSI  X3.30  deals  with  representations  for  calendar  date, 
when   used  for  interchange  of  data  among  data   systems. 
The  standard  was  not  designed  for    (nor  does  it  preclude) 
usage  by  humans  as  input   to  or  output   from  data   systems. 
ISO  2711   deals  with  representation  of  ordinal   dates  for 
information  processing  interchange.      Federal   Information 
Processing  Standard  FIPS  4    (Calendar  Date)    is  prescribed 
for  interchange  of  formatted  machine  sensible   coded  data 
between  and  among  agencies  of  the  Federal   Government. 

6 . 6     Time 

Time  of  the  day  is   to  be  represented  by   the  sequence:      hour- 
minute-second  in  the  following  formats: 

h     m     s 

nn:nn:nn 

Hours  will   be  indicated  in  the  24  hour  system    (i.e.    from  00:00:00 
through  23:59:59) . 

Interval    time  will   be  indicated  in  the  sequence: 

days : hours : minutes : seconds 

using  the  abbreviations   "days" ,    "hrs",    "min" ,    "sec",    if  required. 

Fractions  of  a  second  will   be  expressed  in  tenths,   or  hundredths 
of  a  second ,    as  for  example :      1:12:15:05.8 . 
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70.1   time  elements  will  be  separated  by  a  colon.      Decimal  fractions 
of  a  second  will  be  indicated  by  a  decimal  point. 


6.7     Time  Zone 

For  national  network  operations ,   the  time  zone  should  be  indicated 
as  a  three-character  code  immediately  following  the  time  designation. 

Exampl e:      13:45: 08EST 

For  international  network  operations r  Greenwich  Mean  Time  will  be 
used,  followed  by  the  international  zone  designator  Z. 

Exampl e:      13:40:16Z 
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7.  PROCEDURAL  OPTIONS 

At  least   two  options  should  be  available   to  a   user  for  system 
access:      an  interactive  option,   or  instructional   version,    where  each 
user  step  is  elicited  by  explicit   instructions  from  the  system;   and  an 
abbreviated  option  which  requires  only  one   user  entry  of  all   required 
data. 

The  outlines  in   tables  1   and  2  illustrate  the  interactive  version. 
An  abbreviated  version  is  outlined  in   table   3. 

Note:      It   is  not  clear  at   this  time   that  a  completely  interactive 
access  procedure  would  be  required  to  access  an   interactive 
information  system.      The  automatic,    world-wide   telephone 
system  provides  an  example  of  a   universal ,   standardized 
method,   where  a  customer  dials  in  sequence  an  overseas 
operator  code,   a  country  code,   an  area  code,    a  city  code, 
and  a  local   number. 

An  interactive  access  procedure  may  be   useful   as  an  instructional 
device,   or  as  an  option  for  the  casual   user.      An  abbreviated  access 
procedure  may  well   be  preferred  by  the  regular  user  of  an   interactive 
information  system. 

The  interactive  version   should  be  designed  to  be  easy  to  use     for 
an  inexperienced  user;    the  abbreviated,   or  terse  version   should  be  de- 
signed for  the  convenience  of  the  experienced  user.      These  two  modes 
need  not   be  mutually  exclusive;    to  help  the  new  user  become  experienced 
and  more  proficient,    the  system  should  permit  and  encourage  a  gradual 
transition  from  one  extreme  to  the  other,   at   the   user's  discretion. 
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8 .       DEFINITIONS 


Access  Procedure  -   The  method  of  permitting  a   terminal    user  to  initiate 
and   terminate  operation  and   use  of  a   computer-based  service. 

Accounting  Message   -  A  message,    usually  sent   to  the   user  at   the  end  of  a 
terminal   session,    furnishing  detail   on  resources  expended 
during  that   session. 

Acknowl edgment   -  A  message  indicating  to   the  user  that   the  system  is 
operational . 

Authentication  -   The  process  of  verification  of  user  identification. 

Authorization  -   The  process  of  permitting  access   to   the  service. 

Conversational    -  Pertaining  to  a  mode  of  processing,    that   involves  step- 
by-step  interaction  between   the   user  at   a   terminal   and  a 
computer,   by  means  of  keyboard  and  display. 

Entry  Procedure  -  Part  of  the  access  procedure ,    which  permits  a   user   to 
operate  a   computer-based  service. 

Error  Message  -  A  system  message  indicating  the  nature  of  a  fault,   and 
often   the  remedial   action   to  be   taken  by  the   user. 

Exit  Procedure  -  Part  of  the  access  procedure,   which  permits  a   user  to 
terminate  a  computer-based  service. 

Identification   -    (1)    The  process  of  providing  personal,    equipment,    or 
organizational   characteristics  or  codes   to  gain  access   to 
computer  services,   programs ,   or  data.       (2)    the  process  of 
determining  personal ,    equipment ,    or  organizational   character- 
istics or  codes   to  permit  access. 

Interactive  -  Pertaining  to  exchange  of  information  and  control   between 
a   user  and  the   terminal   and  processor. 

Password  -  A  word  or  string  of  characters  that  is  recognizable  by 

automatic  means  and  that  permits  a   user  access   to  protected 
storage  files,   or  input  or  output  devices. 

Privacy  -   The  right   of  an   individual    to  control   information  about   himself. 

Protocol    -  A  formal   set  of  conventions  governing   the  format  and  relative 
timing  of  message  exchange  between   the  user  and   the  system. 

System  Message  -  A  message  or  request   from  the  system  to   the   user. 
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System  Security   -  The  totality  of  measures  taken  to  protect  a  system  from 
unauthorized  access,  accidental  or  willful  interference  with 
normal  operations,  or  destruction. 

System  Signal  -  A  message  generated  by  a  computer,   that  indicates  to  the 
terminal  user,   that  an  immediate  processing  task  is  completed, 
and  that  the  next  action  is  up  to  the  user. 

Terminal  -  A  device  that  permits  data  input  into  or  data  output  from  a 
computer  system,  e.g.   a  teletypewriter,  a  cathode  ray  tube 
and  keyboard  device,   etc. 

User  ~  A  terminal  operator  who  may  be  a  functional  specialist  or  manager, 
and  is  not  assumed  to  have  computer  or  programming  background. 

User  Command  -  A  brief  operational   user  message. 

User  Identification  Message  -  A  message  entered  by  the  user,   which  is 
used  to  obtain  accounting  data,  and  which  is  also  used  to 
permit  access  to  the  system. 

User  Message  -  A  message  from  the  user  to  the  system. 

User  Number  -  A  number  assigned  to  a  user,  which  is  used  as  part  of  the 
identification  process. 

User  Signal  -  A  user  command,   indicating  to  the  system  that  user  entry 
of  data  has  been  completed. 
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